Cloning WhatsApp by ISP for monitoring

Cloning the WatsApp

Key Points

WhatsApp uses some sort of customized XMPP server, named internally as FunXMPP, which is basically some extended proprietary version.

Login procedure

Much like XMPP, WhatsApp uses JID (jabber id) and password to successfully login to the service. The password is hashed and happened to be an MD5’d, reversed­version of the mobile’s IMEI (International Mobile Equipment Identity) or equivalent unique ID, stored in servers upon account creation and used transparently everytime the client connects the server.

Message sending

Messages are basically sent as TCP packets, following WhatsApp’s own format (unlike what’s defined in XMPP RFCs).
Despite the usage of SSL­like communication, messages are being sent in plain­text format.

Thats all we need

ISP controls the user interaction from the internet we can clone watsapp and filter contents via API calls like images, location, chat everything etc.
Whole watsapp data on the entire network can be logged, analysed etc.